Allow specified IP addresses to access the Internet through an interface on an S series switch

You can configure an ACL-based traffic policy and apply the traffic policy to an interface on an S series switch to allow specified IP addresses to access the Internet through the interface. For example, configure GE0/0/1 to allow only the user with the IP address of 1.1.1.2 and prevent all other users to access the Internet.
[HUAWEI] acl number 3030
[HUAWEI-acl-adv-3030] rule permit ip source 1.1.1.2 0
[HUAWEI-acl-adv-3030] quit
[HUAWEI] acl number 3031
[HUAWEI-acl-adv-3031] rule permit ip
[HUAWEI] traffic classifier test1
[HUAWEI-classifier-test1] if-match acl 3030
[HUAWEI] traffic classifier test2
[HUAWEI-classifier-test2] if-match acl 3031
[HUAWEI] traffic behavior test1
[HUAWEI-behavior-test1] permit
[HUAWEI] traffic behavior test2
[HUAWEI-behavior-test2] deny
[HUAWEI] traffic policy test
[HUAWEI-trafficpolicy-test] classifier test1 behavior test1
[HUAWEI-trafficpolicy-test] classifier test2 behavior test2
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] traffic-policy test inbound

Scroll to top